package com.ding.authorizationserver.config

import com.ding.authorizationserver.service.ApplyClientDetailService
import com.ding.authorizationserver.service.AuthUserDetailsService
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer
import org.springframework.security.oauth2.provider.token.TokenStore
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore

@Configuration
@EnableAuthorizationServer
class AuthorizationServerConfig implements AuthorizationServerConfigurer {//认证服务配置

    @Bean
    TokenStore tokenStore(){    //基于内存的令牌存储
        new InMemoryTokenStore()
    }


    @Autowired
    private AuthenticationManager authenticationManager;    //认证管理器

    @Autowired
    private AuthUserDetailsService userDetailsService;      //用户详情服务

    @Autowired
    ApplyClientDetailService clientDetailsService           //客户端详情服务

    /*
        客户端认证的配置
     */
    @Override
    void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(clientDetailsService)
    }

    /*
        对授权服务端点的安全约束
     */
    @Override
    void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        /*security
                .tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()")
                .passwordEncoder(passwordEncoder)*/
    }

    /*
        授权服务端点配置
     */
    @Override
    void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore())              //令牌存储
                .authenticationManager(authenticationManager)   //认证管理器
                .userDetailsService(userDetailsService)        //用户认证服务

    }


}
